public boolean isAnon() { return this.name().contains("ANON"); } }
@Override protected void parseHandshakeMessageContent(ECDHEServerKeyExchangeMessage msg) { LOGGER.debug("Parsing ECDHEServerKeyExchangeMessage"); parseCurveType(msg); parseNamedGroup(msg); parseSerializedPublicKeyLength(msg); parseSerializedPublicKey(msg); if (this.keyExchangeAlgorithm == null || !this.keyExchangeAlgorithm.isAnon()) { if (isTLS12() || isDTLS12()) { parseSignatureAndHashAlgorithm(msg); } parseSignatureLength(msg); parseSignature(msg); } }
NamedGroup namedGroup = chooser.getSelectedNamedGroup(); CertificateKeyType neededPublicKeyType = keyExchangeAlgorithm.getRequiredCertPublicKeyType();
if (!AlgorithmResolver.getKeyExchangeAlgorithm(getTlsConfig().getDefaultSelectedCipherSuite()).isEC()) { LOGGER.info("The CipherSuite that should be tested is not an Ec one:" + getTlsConfig().getDefaultSelectedCipherSuite().name());
@Override protected void parseHandshakeMessageContent(DHEServerKeyExchangeMessage msg) { LOGGER.debug("Parsing DHEServerKeyExchangeMessage"); parsepLength(msg); parseP(msg); parsegLength(msg); parseG(msg); parseSerializedPublicKeyLength(msg); parseSerializedPublicKey(msg); // TODO: this.keyExchangeAlgorithm can currently be null, only for test // code that needs to be reworked. if (this.keyExchangeAlgorithm == null || !this.keyExchangeAlgorithm.isAnon()) { if (isTLS12() || isDTLS12()) { parseSignatureAndHashAlgorithm(msg); } parseSignatureLength(msg); parseSignature(msg); } }
public boolean isEC() { return this.name().contains("EC"); }
public static byte[] generateSignature(PrivateKey key, byte[] toBeSigned, SignatureAndHashAlgorithm algorithm, BadRandom random, Chooser chooser) throws CryptoException { String algoName; if (chooser.getSelectedProtocolVersion() == ProtocolVersion.SSL3 || chooser.getSelectedProtocolVersion() == ProtocolVersion.TLS10 || chooser.getSelectedProtocolVersion() == ProtocolVersion.TLS11) { if (AlgorithmResolver.getKeyExchangeAlgorithm(chooser.getSelectedCipherSuite()).name().contains("RSA")) { algoName = "NONEwithRSA"; toBeSigned = ArrayConverter.concatenate(MD5Utils.MD5(toBeSigned), SHA1Utils.sha1(toBeSigned)); } else if (AlgorithmResolver.getKeyExchangeAlgorithm(chooser.getSelectedCipherSuite()).name() .contains("ECDSA")) { algoName = "SHA1withECDSA"; } else { throw new UnsupportedOperationException("Ciphersuite not supported - Check Debug Log"); } } else { algoName = algorithm.getJavaName(); } try { LOGGER.trace("Creating Signature with " + algoName + " over " + ArrayConverter.bytesToHexString(toBeSigned) + " with the PrivateKey:" + key.toString()); Signature instance = Signature.getInstance(algoName); instance.initSign(key, random); instance.update(toBeSigned); return instance.sign(); } catch (SignatureException | InvalidKeyException | NoSuchAlgorithmException ex) { throw new CryptoException("Could not sign Data", ex); } }
for (CipherSuite suite : config.getDefaultClientSupportedCiphersuites()) { KeyExchangeAlgorithm keyExchangeAlgorithm = AlgorithmResolver.getKeyExchangeAlgorithm(suite); if (keyExchangeAlgorithm != null && keyExchangeAlgorithm.name().toUpperCase().contains("EC")) { containsEc = true; break;
for (CipherSuite suite : config.getDefaultClientSupportedCiphersuites()) { KeyExchangeAlgorithm keyExchangeAlgorithm = AlgorithmResolver.getKeyExchangeAlgorithm(suite); if (keyExchangeAlgorithm != null && keyExchangeAlgorithm.name().toUpperCase().contains("EC")) { containsEc = true; break;
/** * * @return */ @Override public Config createConfig() { Config config = super.createConfig(); config.setAddRenegotiationInfoExtension(true); config.setAddServerNameIndicationExtension(true); config.setAddSignatureAndHashAlgorithmsExtension(true); config.setQuickReceive(true); config.setStopActionsAfterFatal(true); config.setStopRecievingAfterFatal(true); config.setEarlyStop(true); boolean containsEc = false; for (CipherSuite suite : config.getDefaultClientSupportedCiphersuites()) { KeyExchangeAlgorithm keyExchangeAlgorithm = AlgorithmResolver.getKeyExchangeAlgorithm(suite); if (keyExchangeAlgorithm != null && keyExchangeAlgorithm.name().toUpperCase().contains("EC")) { containsEc = true; break; } } config.setAddECPointFormatExtension(containsEc); config.setAddEllipticCurveExtension(containsEc); return config; }
/** * * @return */ @Override public Config createConfig() { Config config = super.createConfig(); config.setAddHeartbeatExtension(true); config.setHeartbeatMode(HeartbeatMode.PEER_ALLOWED_TO_SEND); config.setAddRenegotiationInfoExtension(true); config.setAddServerNameIndicationExtension(true); config.setAddSignatureAndHashAlgorithmsExtension(true); config.setQuickReceive(true); config.setStopActionsAfterFatal(true); config.setStopRecievingAfterFatal(true); config.setEarlyStop(true); boolean containsEc = false; for (CipherSuite suite : config.getDefaultClientSupportedCiphersuites()) { KeyExchangeAlgorithm keyExchangeAlgorithm = AlgorithmResolver.getKeyExchangeAlgorithm(suite); if (keyExchangeAlgorithm != null && keyExchangeAlgorithm.name().toUpperCase().contains("EC")) { containsEc = true; break; } } config.setAddECPointFormatExtension(containsEc); config.setAddEllipticCurveExtension(containsEc); return config; } }
tlsConfig.setDefaultClientSupportedCiphersuites(suite); KeyExchangeAlgorithm keyExchangeAlgorithm = AlgorithmResolver.getKeyExchangeAlgorithm(suite); if (keyExchangeAlgorithm != null && keyExchangeAlgorithm.name().toUpperCase().contains("EC")) { tlsConfig.setAddECPointFormatExtension(true); tlsConfig.setAddEllipticCurveExtension(true);
for (CipherSuite suite : config.getDefaultClientSupportedCiphersuites()) { KeyExchangeAlgorithm keyExchangeAlgorithm = AlgorithmResolver.getKeyExchangeAlgorithm(suite); if (keyExchangeAlgorithm != null && keyExchangeAlgorithm.name().toUpperCase().contains("EC")) { containsEc = true; break;